After looking at phishing and hacking in our Internet Identity Theft series, let’s take a closer look at malware today. We explain what malware is, look at its different forms, and provide tips on malware detection and how you can protect yourself.
What Is Malware?
All malicious programs and code that damage systems directly or indirectly (for example, by downloading additional malicious software) are grouped under the generic term “malware.” It is deliberately developed with malicious intent. The aim is to get the malware into networks, computers, or computer systems and mobile devices such as smartphones and tablets in order to disable them or at least damage them. In some cases, the attacker takes control of the device.
Malware cannot harm physical hardware, but it can sometimes steal, delete, or encrypt data. Malware also allows core functions to be changed, devices to be taken over, or activities to be spied on.
Malware: Who Is Targeted?
Malware distributors make no significant distinction when choosing their possible victims: individuals can be affected just as much as administrations and authorities, hospitals and clinics, production or retail systems, self-employed persons, or large corporations. The world is teeming with billions of devices. They are used to connect with banks, retailers, online shops, or business partners. There are opportunities to steal something everywhere – money, information, data, secrets, access.
All types of devices with all operating systems are also affected. Although it used to be said that macOS devices had no problem with malware, things are different today: Mac systems are just as affected by vulnerabilities as Windows systems. The same applies to iOS – security gaps can also exist here.
It is thanks to Linux’s low market share that criminals are still relatively uninterested in Linux systems. In addition, Linux offers good security and permission concepts, which makes things difficult for attackers. Nevertheless, Linux users also have to think about malware: on the one hand, because many users run Windows installations in parallel; on the other hand, because nobody can guarantee that cybercriminals will not attack Linux after all.
Malware In All Its Forms
To know how to protect yourself against malware, it makes sense to understand the different types of malware. It is also essential to know how the malware can get onto the system in the first place. Enumerating all the details would go far beyond the scope of this article, so we will focus on the most common types.
As a rule, malware reaches your system via the Internet and email. In practice, this means: whenever you are online. Malware gets onto your system when you surf infected sites, try out gaming demos, download infected music files or apps, install new tools from unknown providers, or open malicious email attachments. In short: malware can hit you anytime and anywhere if you do not take appropriate protective measures.
Ransomware Encrypts Data
Cybercriminals aim to extort a ransom. Ransomware usually gets onto the computer or system unnoticed by the user and encrypts data so that users are ultimately locked out. After the payment, the data is supposedly decrypted again and thus usable. In practice, however, it has been shown that no decryption takes place even after ransom payments have been made. As a rule, the criminals expect the ransom in cryptocurrencies.
Ransomware is difficult to detect and, therefore, challenging to avert, but signature-based virus scanners can recognize known ransomware families. If ransomware has managed to get onto the computer, the behavior-based detection of virus scanners can prevent damage from occurring.
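The difference between the two detection methods, shown as an added example (not from the original article and not any scanner's actual logic): a hash signature only matches a file that is already known, while a behavior rule reacts to what a process does, here bulk writes of high-entropy data. The sample bytes, family name, thresholds, and event format are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

# Constructed stand-in for a known sample; real scanners ship vendor signature sets.
KNOWN_SAMPLE = b"constructed-known-ransomware-sample"
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "ExampleFamily (constructed)"}

def signature_scan(data: bytes):
    """Signature-based: exact hash lookup, so it only finds already-known files."""
    return SIGNATURES.get(hashlib.sha256(data).hexdigest())

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted output approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def behavior_alert(events, window=10.0, min_files=5, min_entropy=7.0):
    """Behavior-based: return the first pid that writes high-entropy content
    to at least min_files distinct paths within `window` seconds, else None.
    events: iterable of (timestamp, pid, path, bytes_written)."""
    recent = {}  # pid -> [(timestamp, path)] of high-entropy writes
    for ts, pid, path, data in sorted(events, key=lambda e: e[0]):
        if entropy(data) < min_entropy:
            continue
        hits = [(t, p) for t, p in recent.get(pid, []) if ts - t <= window]
        hits.append((ts, path))
        recent[pid] = hits
        if len({p for _, p in hits}) >= min_files:
            return pid
    return None

def constructed_events():
    """Constructed sample: pid 100 saves documents, pid 200 rewrites files in bulk."""
    text = b"Quarterly report draft. " * 200
    cipher_like = bytes(range(256)) * 16  # uniform bytes, entropy exactly 8.0
    events = [(float(i * 30), 100, f"/home/u/doc{i}.txt", text) for i in range(6)]
    events += [(61.0 + i, 200, f"/home/u/photo{i}.jpg", cipher_like) for i in range(6)]
    return events

if __name__ == "__main__":
    print("known sample:   ", signature_scan(KNOWN_SAMPLE))
    print("modified sample:", signature_scan(KNOWN_SAMPLE + b"\x00"))  # no match
    print("behavior alert: pid", behavior_alert(constructed_events()))
```

A sample changed by a single byte no longer matches the signature, yet the process that rewrites files in bulk is still flagged by the behavior rule.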
Spyware Knows Too Much About Users
Spyware is malware that spies on the user’s activities without authorization and passes them on to the software developer. Many mobile apps contain spyware, but you can also encounter it on desktop systems.
Adware Floods Users With Advertisements
Adware shows you advertisements, redirects your search queries to advertising websites, or collects marketing data to display individual advertisements. However, if the adware collects your data without your consent, it is considered malware.
For example, adware reaches computers via freeware and shareware. However, it can also be installed on your computer without authorization after you visit an infected website. In this way, computers are sometimes attacked via browser security holes. An alternative would be to use a Trojan for covert installation. Adware that uses such methods is also known as a “browser hijacker.”
Worms Destroy And Spread
As malware, worms are not unlike viruses: They too reproduce to spread to other computers. However, worms do immense damage by aiming to destroy data and files.
Trojans Use Tricks
Trojans are also known as Trojan horses – and the name for this type of malware is no coincidence: Trojans generally pose as useful tools in order to trick the user. Once the Trojan has made it into the system, the cybercriminals behind the attack gain access to the now compromised computer. The Trojan can be used for various purposes: financial data can be stolen, or other threats such as ransomware can be introduced.
Rootkits Grant Admin Rights
Malware that gives attackers administrative access to infected systems is known as a rootkit. Rootkits are usually designed so that the attack cannot be detected by the user, other software, or the operating system itself.
Scareware Plays With Fear
This type of malware uses warning messages to mislead its victims into downloading additional software. How this perfidious scam works, and why the topic of scareware is gaining importance again in times of working from home, can be found in our article “Scareware: When the fake alarm wakes panic.”
Keyloggers Capture Input
The term “keylogger” describes a type of malware that not only records the user’s keystrokes but also sends this recorded data to the attacker. This gives the attacker sensitive data such as credit card details or login details for various services.
Detect Malware: Are There Any Clues?
As you can see, malware can get onto your devices in different ways: you click on infected links, click on advertisements, open attachments in emails, or download an app – and you may have caught malware. As we have mentioned several times above, users do not always notice the malware. Still, there are a few warning signs that could indicate an infection:
- Speed: Devices infected with malware tend to slow down. Indeed, this is one of the most significant effects malware has on devices: the pace of the respective operating system slows down, both when surfing the Internet and when using local applications.
- Advertisement: Your screen is flooded with annoying advertisements that do not belong there. Unexpected pop-up advertisements can also indicate a malware infection. This is particularly noticeable if you have accidentally caught adware.
- Crashes: It is not uncommon for malware-infected systems to crash, freeze, or display BSOD errors. The latter, i.e., the “Blue Screen of Death,” occurs in Windows systems after serious errors.
- Storage loss: If you’ve noticed you’re losing disk space for no good reason, it could be related to bloated malware hiding on your hard drive.
- Unusual behavior: Your system is displaying behavior that you cannot explain. An example would be an increase in internet activity for which you as the user are not responsible. You should also pay attention if system resources are used unusually heavily: malware activities may be tapping into your system resources in the background. If your notebook, computer, or smartphone overheats, this can also be a consequence of malware.
- Unwanted New Features: Malware can cause new toolbars to appear in programs like your browser. Or programs you have not installed appear on the desktop, in the start menu, or the installation menu.
- AV Suite fails: If your antivirus program suddenly stops working or it can no longer be updated, there is a high probability that you have caught malware. You can assume that the malware has deactivated the AV suite to ravage the system unchecked.
Malware: How To Arm Yourself
There are many ways of catching malware, and detection is sometimes difficult. Nonetheless, there are tips you can use to reduce the risk of malware harming your systems:
- AV Suite: There are very different antivirus programs on the market. They differ not only in terms of functionality but also in their detection of malware and other dangers. Once you have decided on an antivirus or anti-malware suite, take great care to keep the software up-to-date at all times. Read test reports, learn about the different malware detection methods (e.g., signature and behavior-based), and ask other users about their experiences.
- Apply patches: What applies to your AV suite also applies to your operating system, software, and apps: keep everything up to date. Apply security patches immediately so that cybercriminals cannot exploit security holes once they are published.
- Security tools: Rely on security tools such as a firewall, which protects individual computers or computer networks from unwanted network access. A backup tool (or manual backups at defined intervals) can prevent the consequences of data encryption by ransomware or data destruction by worms.
- Common sense: You always have this “tool” with you. It costs nothing, and it cannot be contaminated by malware: use your common sense when downloading apps, documents, music, games, demos, or software. This includes, for example, generally avoiding clicking on pop-up advertisements and not clicking on links without checking them first. You can also rely on swarm intelligence for apps and software by reading testimonials from other users before installing them. Always read the permissions requested by the respective app – and be critical! It makes sense that your navigation app wants to access your location. But why should a recipe app access your location? Your common sense will certainly not understand that. So: listen to it!
- Avoid shadow IT: Organizations must be careful not to expose their in-house networks to malware. This includes strict security guidelines that also cover mobile devices. To avoid shadow IT, a BYOD guideline with mandatory security solutions would be conceivable. Another alternative would be the provision of company-owned devices, including appropriate security solutions.